Part of a wireless assessment is always getting a visual view of your client's setup. I am always looking for new ways to do this; however, the best way I have found is using a tool called GISKismet, which was written by a guy I know named Jabra. I was getting ready for work this week and I decided to write a quick article on how to do this. All the tools are open source and available on the BackTrack 4 CD except Google Earth, which you must install.

The first thing to do is start our GPS device:

root@bt:~# gpsd -N -n -D 3 /dev/ttyUSB0

NOTE: The -N option makes gpsd run in the foreground and the -D sets the debug level. This allows us to make sure the GPS actually gets connected to the satellite.


Once we get our GPS going, we will want to get Kismet started:
1. Select it from the menu


2. Start the server


3. Start the client


4. Select yes to define a source wifi device for the packet capture


5. Enter the name of your interface; in my case it is wlan0
NOTE: Kismet puts your interface into monitor mode for you, so there is no need to do it manually.


6. Close the server window and then you will be presented with the client interface of Kismet


You will need to make sure the GPS data is working; you can check this on the Kismet client interface, right under the list of access points. I normally capture for a good amount of time to get the most accurate possible GPS data.

Kismet saves 5 different types of files by default; the one we are interested in is the .netxml file:


Once we have made sure our file was properly created, we can select GISKismet from the BackTrack menu:


GISKismet creates a database file using SQLite so that multiple instances of data can be added. The following command will insert the data from the .netxml file into the database:

root@bt:~# giskismet -x Kismet-20110221-08-56-26-1.netxml


Once we do that, we can query our database at any time and output the results to a KML file, which is what Google Earth will accept:

root@bt:~# giskismet -q "select * from wireless" -o giskismet_demo.kml
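
To see what ends up in the KML, here is an added sketch (not GISKismet's code and not part of the original article) that reads access points straight from a .netxml log, buckets them by encryption, and writes placemarks, skipping the SQLite step. The element names are assumed from Kismet's netxml layout and the sample capture is constructed.

```python
import xml.etree.ElementTree as ET
from xml.sax.saxutils import escape

# Constructed sample in the shape of a Kismet .netxml log (not real capture data).
SAMPLE_NETXML = """<detection-run kismet-version="constructed">
<wireless-network number="1" type="infrastructure">
 <SSID><encryption>WPA+PSK</encryption><encryption>WPA+AES-CCM</encryption>
  <essid cloaked="false">corp-wlan</essid></SSID>
 <BSSID>00:11:22:33:44:55</BSSID><channel>6</channel>
 <gps-info><avg-lat>40.0001</avg-lat><avg-lon>-75.0002</avg-lon></gps-info>
</wireless-network>
<wireless-network number="2" type="infrastructure">
 <SSID><encryption>None</encryption><essid cloaked="false">guest &amp; lobby</essid></SSID>
 <BSSID>00:11:22:33:44:66</BSSID><channel>11</channel>
 <gps-info><avg-lat>40.0003</avg-lat><avg-lon>-75.0004</avg-lon></gps-info>
</wireless-network>
<wireless-network number="3" type="probe"><BSSID>00:11:22:33:44:77</BSSID></wireless-network>
</detection-run>"""

def classify(encryptions):
    """Collapse Kismet's per-cipher strings into one reporting bucket."""
    joined = " ".join(encryptions).upper()
    return "WPA" if "WPA" in joined else "WEP" if "WEP" in joined else "Open"

def parse_networks(netxml_text):
    """Return a dict for every access point that has a GPS position."""
    nets = []
    for net in ET.fromstring(netxml_text).iter("wireless-network"):
        lat, lon = net.findtext("gps-info/avg-lat"), net.findtext("gps-info/avg-lon")
        if net.get("type") != "infrastructure" or lat is None or lon is None:
            continue  # skip probes/clients and networks seen without a GPS fix
        nets.append({"essid": net.findtext("SSID/essid") or "<cloaked>",
                     "bssid": net.findtext("BSSID"),
                     "enc": classify([e.text or "" for e in net.iter("encryption")]),
                     "lat": float(lat), "lon": float(lon)})
    return nets

def to_kml(nets):
    """Emit one KML placemark per AP; KML coordinates are lon,lat order."""
    marks = "".join(
        f"<Placemark><name>{escape(n['essid'])}</name>"
        f"<description>{n['bssid']} ({n['enc']})</description>"
        f"<Point><coordinates>{n['lon']},{n['lat']}</coordinates></Point></Placemark>"
        for n in nets)
    return ('<?xml version="1.0" encoding="UTF-8"?>'
            f'<kml xmlns="http://www.opengis.net/kml/2.2"><Document>{marks}</Document></kml>')

if __name__ == "__main__":
    print(to_kml(parse_networks(SAMPLE_NETXML)))
```

The ESSID is attacker-controlled text from beacon frames, which is why it is XML-escaped before being written into the report file.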

Now let's open Google Earth from the BackTrack menu (a how-to can be found here):


Next go to File > Open and select our .kml file we just created:


Once Google Earth parses your data, you will be taken to an aerial view of the source of your capture, which maps out the access points around it and color-codes them based on encryption:


You can also click on each AP in the map and get more info about the access point, like ESSID, BSSID and a few other things. Well, that's it. I hope this can help someone to make their wireless reporting a little easier.
